3 matches found
CVE-2022-38145
creationtimestamp| type| source ---|---|--- 2022-11-23 07:13:55+00:00| seen| https://t.me/cibsecurity/53402...
CVE-2022-38145
CVE-2022-38145 concerns stored XSS in SilverStripe’s versioned admin/compare view. Multiple connected sources describe that an attacker with CMS access can inject a Javascript payload by placing it in a page’s meta description, which then executes when viewing the version history compare. The mos...
CVE-2022-38145
Silverstripe silverstripe/framework through 4.11 allows XSS issue 1 of 3 via remote attackers adding a Javascript payload to a page's meta description and get it executed in the versioned history compare view...